the issue is that we want to create a dashboard related to HR so the client doesn't want anyone to see the script except the ONE developer and also the connection string should not be used except by the ONE developer

so even if we created a security rule the root admin is able to modify it or give himself privilege to use that connection no?